A computer system typically includes several hardware components, including a processor to process information and data. These platform components can be organized in a variety of ways. Furthermore, the computer system can be provisioned or configured to protect some of the hardware components, or portions of a hardware component. For example, the processor may operate in a normal mode, such as when running a typical operating system for normal data processing, or in an isolated mode, such as the system management mode (SMM) used for platform-specific tasks. SMM allows system developers and operators to provide functions such as power management or security in a manner that is transparent to the operating system (OS) and other application programs.
It is to be appreciated that the overall security of the computer system depends on the correct configuration of the hardware components that make up the system. Typically, this configuration is performed by a basic input-output system (BIOS) or a unified extensible firmware interface (UEFI). In some cases, computer systems can be configured incorrectly or contain code that is insufficiently robust against malicious exploitation of exposed interfaces. Exploitable vulnerabilities can be introduced by these types of misconfiguration or coding errors. In some of these cases, the misconfiguration or coding error does not result in a functional failure, which allows such errors to go unobserved unless and until they are discovered, whether through security validation, by security researchers, or by malware writers.